Author Siliceo, Omar
Title IBM WebSphere Application Server v7.0 Security
Imprint Olton : Packt Publishing, Limited, 2011
©2011
Edition 1st ed
Descript 1 online resource (315 pages)
text txt rdacontent
computer c rdamedia
online resource cr rdacarrier
Note Intro -- IBM WebSphere Application Server v7.0 Security -- IBM WebSphere Application Server v7.0 Security -- Credits -- About the Author -- About the Reviewers -- www.PacktPub.com -- Support files, eBooks, discount offers and more -- Why Subscribe? -- Free Access for Packt account holders -- Instant Updates on New Packt Books -- Preface -- What this book covers -- What you need for this book -- Who this book is for -- Conventions -- Reader feedback -- Customer support -- Errata -- Piracy -- Questions -- 1. A Threefold View of WebSphere Application Server Security -- Enterprise Application-server infrastructure architecture view -- Simple infrastructure architecture characteristics -- Branded infrastructure elements -- Generic infrastructure components -- Using the infrastructure architecture view -- WebSphere architecture view -- WebSphere Application Server simplified architecture -- WebSphere node component -- WebSphere JVM component -- Using the WebSphere architecture view -- WebSphere technology stack view -- OS platform security -- Java technology security -- WebSphere security -- Using the technology stack view -- Summary -- 2. Securing the Administrative Interface -- Information needed: Planning for security -- The LDAP and security table -- Enabling security -- Setting the domain name -- Starting at the console -- Continuing with the global security page -- Onto the SSO page -- Setting the SSO domain name -- Applying and saving your changes -- Configuring the user registry -- Locating the user registry configuration area -- Registry type selection -- Federated repository -- Local operating system -- LDAP -- Standalone custom registry -- LDAP-the preferred choice -- Reviewing the resulting standalone LDAP registry page -- Defining the WebSphere administrative ID -- Setting the type of LDAP server -- Entering the LDAP server parameters
Providing the LDAP bind identity parameters -- Confirming other miscellaneous LDAP server parameters -- Applying and saving the standalone LDAP configuration -- Confirming the configuration -- Enabling the administrative security -- Locating the administrative security section -- Performing the administrative security configuration steps -- Applying and saving your changes -- Propagating new configuration -- Logging off from the console -- Restarting the deployment manager -- Logging in to the deployment manager console -- Administrative roles -- Disabling security -- Summary -- 3. Configuring User Authentication and Access -- Security domains -- What is a security domain -- Scope of security domains -- Benefits of multiple security domains -- Limitations of security domains -- Administrative security domain -- Configuring security domains based on global security -- Creating a global security domain clone -- Creating a security domain using scripting -- User registry concepts -- What is a user registry -- WebSphere use of user repositories -- Authentication -- Authorization -- Supported user registry types -- Local operating system -- Standalone LDAP -- Standalone custom registry -- Federated repositories -- Protecting application servers -- WebSphere environment assumptions -- Prerequisites -- Creating an application server -- Creating a virtual host -- Creating application JDBC Provider and DataSource -- Configuring the global security to use the federated user registry -- Creating a security domain for the application server -- Configuring user authentication -- Creating groups -- Creating users -- Assigning users to groups -- Configuring access to resources -- Testing the secured application server environment -- Deploying and securing an enterprise application -- Accessing the secured enterprise application -- Summary
4. Front-End Communication Security -- Front-end enterprise application infrastructure architectures -- WebSphere horizontal cluster classic architecture -- WebSphere horizontal cluster using dual-zone architecture -- WebSphere horizontal cluster using multi-zone architecture -- SSL configuration and management -- What is SSL -- How SSL works -- Certificates and CAs -- Securing front-end components communication -- Securing the IBM HTTP Server -- Environment assumptions -- SSL configuration prerequisites -- Add SSL ports to WebSphere employees_vh virtual server -- Creating the SSL system components -- Create the IHS SSL keystore -- List built-in CA certificates included in keystore -- Create self-signed certificate -- Confirm the creation of self-signed certificate -- Configuring IHS for SSL -- Modifications to httpd.conf -- Extract the WebSphere CA certificate -- Add WAS self-signed certificate to the plug-in -- Validation of the SSL configuration -- Summary -- 5. Securing Web Applications -- Securing web applications concepts -- Developer view of web application security -- Administrator view of web application security -- Securing a web application -- Project objectives -- Assumptions -- Prerequisites -- Enterprise application architecture -- Application groups -- Application users -- Application memberships -- ACLs based on user registry groups -- ACLs based on application roles -- Dynamic web modules -- Securing a J2EE web application -- Creating the enterprise application project -- Creating the dynamic web application projects -- Configuring dynamic web applications -- Defining welcome files -- Adding log in information -- Defining protected URI patterns and methods -- Creating application roles -- Assigning the application role -- Defining client-server transport type -- Mapping web modules to employees_vh
Configuring enterprise applications -- Defining roles -- Mapping groups to roles -- Adding content to dynamic web applications -- Adding web files -- Adding Java components -- Completing the Java code -- Analysis of the initial servlet code -- Completing the servlet code -- Packaging an enterprise application -- Deploying the enterprise application -- Testing the enterprise application -- Summary -- 6. Securing Enterprise Java Beans Applications -- EJB application security concepts -- Declarative security -- Programmatic security -- EJB project design -- EJB application du jour -- Objective-security -- Objective-functional -- Project design-UI aspect -- Project design-programming component -- Project design-implementation phase -- EJB project prerequisites and assumptions -- Project assumptions -- Project prerequisites -- Creating an Enterprise Application Project -- Creating the project workspace -- Enterprise application project requirements -- EAR version -- Target runtime -- Creating the enterprise application project -- Selecting the project EAR version -- Creating a target runtime -- Creating the deployment descriptor -- Creating the portal Dynamic Web Project -- Creating the portal DWP -- Defining the DWP context root -- Creating the DWP deployment descriptor -- Configuring the portal DWP deployment descriptor -- Defining the welcome pages suite -- Adding login information -- Securing protected URI patterns and HTTP methods -- Defining security constraints -- Defining resource collections -- Defining application roles -- Defining the client-server transport type -- Mapping module to virtual host -- Creating content for the portal DWP -- Location of files within the project -- Logical file organization -- Creating the common HTML files -- Creating the custom HTML files -- Creating the JSP files -- Pagelet selector JSP files
Portal home selector JSP files -- Creating the Servlet PortalHomeSelectorServlet -- Creating a Java package -- Creating the Servlet -- Creating the code for PortalHomeSelectorServlet -- Package definition and import statements -- Declaration of class constants and variables -- HTTP methods -- Getting parameters -- Communicating with EJB -- Forwarding control to another component -- Creating an EJB project -- Creating the initial project -- Creating the Java packages -- Creating the EJB interfaces -- Creating IPortalSelectorSessionBean interface -- Creating the local and remote EJB interfaces -- Creating the EJB -- Creating the code for PortalSelectorSessionBean -- Package definition and import statements -- Class definition -- Instance variables -- Linking to the user context -- Programmatic security -- Declarative security -- The grand finale -- Packaging the enterprise project as an EAR -- Deploying the EAR -- Testing the application -- Summary -- 7. Securing Back-end Communication -- LDAP: Uses of encryption -- Securing the LDAP channel -- Protocol: LDAP and the Internet Protocol Suite -- The importance of securing the LDAP channel -- Choices in securing the LDAP channel -- Enabling SSL for LDAP -- Creating a key ring for storing key stores -- JCE Policy files -- Creating a trust db for storing trust stores -- Creating a key store for use with LDAP -- Creating a trust store to use with LDAP -- Creating an SSL configuration for LDAP -- Obtaining the LDAP server SSL certificate -- Configuring LDAP for SSL -- JDBC: WebSphere-managed authentication -- Protocol(s) -- The JDBC API -- Connection/Driver Manager and Data Source/JDBC provider -- The JDBC Application Layer -- Choices to secure the database channel -- Examples of securing the JDBC connection -- Defining a new JDBC provider -- Defining a new Data Source -- Summary
8. Secure Enterprise Infrastructure Architectures
Secure your IBM WebSphere applications with Java EE and JAAS security standards using this book and eBook
Description based on publisher supplied metadata and other sources
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2020. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries
Link Print version: Siliceo, Omar IBM WebSphere Application Server v7.0 Security Olton : Packt Publishing, Limited, c2011 9781849681483
Subject Electronic circuit design.;Electric circuit analysis
Electronic books